Home / Vulnerability Intelligence / CVE-2019-25531

CVE-2019-25531 - Vulnerability Analysis

HighCVSS: 8.2

Last Updated: March 12, 2026

Netartmedia Deals Portal - SQL Injection

Published: March 12, 2026Updated: March 12, 2026Remote Exploitable

Overview

Netartmedia Deals Portal contains an sql_injection caused by unsanitized Email parameter in loginaction.php, letting unauthenticated attackers manipulate database queries and extract sensitive information or bypass authentication.

Severity & Score

Severity: High

CVSS Score: 8.2

Impact

Unauthenticated attackers can extract sensitive data or bypass authentication, compromising database integrity and confidentiality.

Mitigation

Update to the latest version with SQL injection fixes or apply appropriate input sanitization and parameterized queries.

References

https://www.exploit-db.com/exploits/46582
https://www.vulncheck.com/advisories/netartmedia-deals-portal-lastest-sql-injection-via-loginaction-php

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2019-25531
Severity: High
CVSS Score: 8.2
Type: sql_injection
Status: unconfirmed

CWE

CWE-89

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N